By adding security to documents, you can limit viewing, editing,
printing, and other options to only the specified users.

Choosing which type of security
to use

Security features range from relatively simple measures
to sophisticated systems adopted by corporations and agencies. Which
feature you choose depends on what you want to achieve. Here are
some examples:

You want only certain people to view your PDF. The
easiest solution is to add a password to the PDF and send it to
your intended recipients. (See Add password
security.)

You don’t want anyone to print or edit your PDF. You
can block printing and editing from the same dialog box that you
use to add a password. (See Add password
security.)

You want to assure your recipients that the PDF is really from you. The
best way is to purchase a digital ID from a certificate authority.
Alternatively, you can create a self-signed digital ID if you are
communicating with a group that you trust. (See About
digital IDs and Securing
documents with certificates.)

You want an organization-wide security solution for PDFs. You
can devise a solution specifically for a company handling sensitive
data. Some organizations use Adobe LiveCycle Rights Management ES
to apply a policy to documents. The policy contains the list of
recipients and their individual set of permissions. Individuals
can use a policy to apply the same security settings to numerous
documents. (See Securing
documents with Adobe LiveCycle Rights Management ES.)

Security policies

A security policy enforces systematic constraints
on information flow and exchange within an organization. You can
use Adobe LiveCycleRights Management ES
to apply a policy to documents without the need for digital signatures
and certificates. If you often apply the same security settings
to PDFs, consider creating a security policy to simplify your workflow.
Different policies are useful for accommodating different requirements.

Envelope policy

You can secure multiple documents by embedding them in a PDF
envelope. You can encrypt envelopes to prevent unauthorized users
from accessing the contents and certify them to provide proof of
origin. Authorized recipients can open the envelope and extract
the files to view them.

LiveCycle Rights Management ES
policy

Adobe LiveCycleRights Management ES
policies are stored on a server, and users must have access to the server
to use them. Creating these policies requires specifying the document recipients
from a list on Adobe LiveCycleRights
Management ES.

Password and certificate policies

Save your password or certificate settings and reuse them
to encrypt PDFs without setting up the password or certificate for
each instance.

Note:

If you apply security settings
to a PDF Portfolio in Acrobat
Pro, including the component documents, you can automate
the steps by using Action Wizard (Choose
File >Action Wizard).

If
your company is signed up, you can also use Adobe LiveCycle Rights
Management ES to secure documents.

When you use Action Wizard to
apply security to PDF Portfolios in Acrobat
Pro, the child documents are secured, but the cover
sheet is not.

Indicate that you approve of the PDF content

Sign and certify the PDF. You must obtain
a digital ID to add digital signatures. Buy a digital ID (see the
Adobe website for security partners) or create a self-signed one. See Create
a self-signed digital ID.

Choose Tools > Protection > Encrypt > Encrypt
With Certificate, or apply security using Adobe
LiveCycleRights Management ES.
You must have certificates for users who can view the documents.
If you don’t see the Protection panel, see the instructions for
adding panels at Task panes.

Applying password-based security policies to documents. You
can use public key certificates or Adobe LiveCycleRights
Management ES to secure the document. However, you cannot
use password encryption to secure the document.

Creating self-signed certificates. To create a self-signed
digital ID, it must be saved to the Windows certificate store. You
cannot create a self-signed digital ID that is saved to a file.

RC4 encryption. A PDF file can only be encrypted by using
the AES encryption algorithm when in FIPS mode.

MD5 or RIPEMD160 digest methods. In FIPS mode, only the SHA-1
and SHA-2 families of digest algorithms can be used when creating
a digital signature.

In FIPS mode, you can open
and view documents that are protected with algorithms that are not
FIPS compliant. However, you can’t save any changes to the document
using password security. To apply security policies to the document,
use either public key certificates or Adobe LiveCycleRights Management ES.